Full Disclosure mailing list archives
Re: Authorities eye MSBlaster suspect
From: Valdis.Kletnieks () vt edu
Date: Fri, 29 Aug 2003 19:13:50 -0400
On Fri, 29 Aug 2003 14:46:32 PDT, morning_wood said:
And has it occurred to you that *MAYBE* his "high paying job" would be more productive if he wasn't spending most of his time having to deal with people breaking in, either proactively or reactively??that is his job
You're totally missing the point. If I'm doing security 30 hours a week, that's 30 hours a week I'm not available for other things. That's 30 hours I'm not spending helping do network performance tuning for the mail server. I'm sure the 70,000 users of the mail server would prefer that I was able to do that instead. That's 30 hours I'm not spending designing a new, more featureful print management system. I'm sure the people who get print jobs that we need to keep running (accounts receivable, invoices, purchase orders, etc) would prefer I was able to do that instead. That's 30 hours I'm not spending diagnosing compiler and kernel bugs. I'm sure the researcher who has a $2M grant project dead in the water would prefer I was able to do that instead. That's 30 hours I'm not spending working on a way to migrate users from Windows to Linux. I'm sure the people who are looking at a $500K/year bill for Microsoft licenses (and want a way to save money) would prefer I was able to do that instead. That's 30 hours I'm not spending deploying a new release of Listserv that has features that my users are asking for. I'm sure that many of the users on our 6,023 lists would prefer I was able to do that instead. You starting to see a pattern here? And yes, those are *ALL* things that are *part of* "my job". Many of them are things I'd enjoy doing more. All of them are things that would provide more *direct* benefit to my site than "doing security". And you can't weasel out by saying "Hire somebody else to do that other stuff" or "hire somebody else to do security" - the point is that if we did hire somebody else, then we'd only have 1 person of the 2 available for productive work. If we didn't have to keep spending resources on security, BOTH people would be available then.
Attachment:
_bin
Description:
Current thread:
- Re: Authorities eye MSBlaster suspect, (continued)
- Re: Authorities eye MSBlaster suspect Jeremiah Cornelius (Aug 29)
- Re: Authorities eye MSBlaster suspect Ben Nelson (Aug 29)
- Re: Authorities eye MSBlaster suspect Daniel C. Sobral (Aug 29)
- Re: Authorities eye MSBlaster suspect Rob Carlson (Aug 29)
- RE: Authorities eye MSBlaster suspect Chris DeVoney (Aug 29)
- Re: Authorities eye MSBlaster suspect morning_wood (Aug 29)
- Authorities eye MSBlaster suspect (long reply) Chris DeVoney (Aug 29)
- Re: Authorities eye MSBlaster suspect (long reply) Paul Schmehl (Aug 29)
- Re: Authorities eye MSBlaster suspect Valdis . Kletnieks (Aug 29)
- Re: Authorities eye MSBlaster suspect morning_wood (Aug 29)
- Re: Authorities eye MSBlaster suspect Valdis . Kletnieks (Aug 29)
- Re: Authorities eye MSBlaster suspect Paul Schmehl (Aug 29)
- My life sucks - was Re: Authorities eye MSBlaster suspect security () brvenik com (Aug 29)
- Re: Authorities eye MSBlaster suspect Larry W. Cashdollar (Aug 30)
- Re: Authorities eye MSBlaster suspect Byron Copeland (Aug 29)
- Re: Authorities eye MSBlaster suspect Valdis . Kletnieks (Aug 31)
- Re: Authorities eye MSBlaster suspect Darren Reed (Aug 30)
- RE: Authorities eye MSBlaster suspect Nick FitzGerald (Aug 29)
- Re: Authorities eye MSBlaster suspect Mike Tancsa (Aug 29)